Lucene search
PRIOn knowledge basePRION:CVE-2018-19837HistoryDec 04, 2018 - 9:29 a.m.
Code injection
2018-12-0409:29:00
PRIOn knowledge base
www.prio-n.com
3
In LibSass prior to 3.5.5, Sass::Eval::operator()(Sass::Binary_Expression*) inside eval.cpp allows attackers to cause a denial-of-service resulting from stack consumption via a crafted sass file, because of certain incorrect parsing of ‘%’ as a modulo operator in parser.cpp.
References
lists.opensuse.org/opensuse-security-announce/2019-07/msg00047.html
lists.opensuse.org/opensuse-security-announce/2019-07/msg00051.html
lists.opensuse.org/opensuse-security-announce/2019-08/msg00027.html
github.com/sass/libsass/commit/210fdff7a65370c2ae24e022a2b35da8c423cc5f
github.com/sass/libsass/issues/2659
Related
redhatcve
redhatcve
CVE-2018-19837
2019-05-14 12:09:22
veracode
veracode
Denial Of Service (DoS)
2019-07-26 03:57:04
osv
osv
CVE-2018-19837
2018-12-04 09:29:00
cve
cve
CVE-2018-19837
2018-12-04 09:29:00
cvelist
cvelist
CVE-2018-19837
2018-12-04 09:00:00
ubuntucve
ubuntucve
CVE-2018-19837
2018-12-04 00:00:00
debiancve
debiancve
CVE-2018-19837
2018-12-04 09:29:00
nvd
nvd
CVE-2018-19837
2018-12-04 09:29:00
suse
suse
Security update for libsass (moderate)
2019-07-24 00:00:00
Security update for libsass (moderate)
2019-08-14 00:00:00
Security update for libsass (moderate)
2019-07-23 00:00:00
openvas
openvas
openSUSE: Security Advisory for libsass (openSUSE-SU-2019:1791-1)
2019-07-24 00:00:00
Mageia: Security Advisory (MGASA-2020-0049)
2022-01-28 00:00:00
mageia
mageia
Updated libsass packages fix security vulnerabilities
2020-01-28 10:52:40
nessus
nessus
openSUSE Security Update : libsass (openSUSE-2019-1791)
2019-07-24 00:00:00
